Category: CEF

Fundamentals

Multilayer switches can perform packet switching up to ten times as fast as a pure L3 router.

When it comes to Cisco Catalyst switches, this hardware switching is performed by a router processor (or L3 engine). This processor must download routing information to the hardware itself. To make this hardware-based packet processing happen, Cat switches will run either the older Multilayer Switching (MLS), or the newer Cisco Express Forwarding (CEF).

Application-Specific Integrated Circuits (ASICs) will perform the L2 rewriting operation of these packets. With multilayer switching, it’s the ASICs that perform this L2 address overwriting.

in addition to the CAM table we have a TCAM table – Ternary Content Addressable Memory. Basically, the TCAM table stores everything the CAM table can’t, including info about ACLs and QoS.

Route Caching

Route caching devices have both a routing processor and a switching engine. The routing processor routes a flow’s first packet, the switching engine snoops in on that packet and the destination, and the switching engine takes over and forwards the rest of the packets in that flow. Route Caching can be effective, but there’s one slight drawback – the first packet in any flow will be switched by software.

CEF (Cisco Express Forwarding)

Cisco Express Forwarding (CEF) is a highly popular method of multilayer switching. Primarily designed for backbone switches, this topology-based switching method requires special hardware, so it’s not available on all L3 switches. CEF is highly scalable, and is also easier on a switch’s CPU than route caching.

CEF has two major components – the Forwarding Information Base and the Adjacency Table.

The Forwarding Information Base (FIB) that contains the usual routing information – the destination networks, their masks, the next-hop IP addresses, etc – and CEF will use the FIB to make L3 prefix-based decisions. The FIB’s contents will mirror that of the IP routing table. (show ip cef)

The routing information in the FIB is updated dynamically as change notifications are received from the L3 engine. Since the FIB is prepopulated with the information from the routing table, the MLS can find the routing information quickly.

*If the TCAM table ever was full, there is a wildcard entry that will redirect traffic to the routing engine.

The Adjacency Table (AT) As adjacent hosts are discovered via ARP, that next-hop L2 information is kept in this table for CEF switching.

Moving packets from the L3 engine to software = ‘punt adjacency’

Sending packets to nowhere = ‘null adjacency’

The Control Plane And The Data Plane

Control Plane

“CEF control plane”

“control plane”

“Layer 3 engine” or “Layer 3 forwarding engine”

The control plane’s job is to first build the ARP and IP routing tables.

Data Plane

“data plane”

“hardware engine”

“ASIC”

The data plane that places data in the L3 switch’s memory while the FIB and AT tables are consulted, and then performs any necessary encapsulation before forwarding the data to the next hop.

Exceptions To The Rule

Packets that CANNOT be hardware switched:

Packets with IP header options

Packets that will be fragmented before transmission (because they’re exceeding the MTU)

NAT packets

Packets that came to the MLS with an invalid encap type

Switching Speeds

Fastest to slowest as per Cisco best practice:

1. Distributed CEF (DCEF). The name is the recipe – the CEF workload is distributed over multiple CPUs.